Hi
I have Squid 3.3.4 setup as an SSL reverse proxy for web based mail.
The domain name on the outside is something like mail.example.org and
the domain name on the inside is something like webmail.example.local.
I am getting a TLS code: SQUID_X509_V_ERR_DOMAIN_MISMATCH error when
trying to connect.
My https_port line looks like so:
https_port 443 accel cert=/etc/squid/ssl_certs/mail.crt
key=/etc/squid/ssl_certs/mail.key cafile=/etc/squid/ssl_certs/mail.ca
defaultsite=webmail.example.local
The cache_peer line:
cache_peer 192.168.0.42 parent 443 0 no-query originserver login=PASS
ssl front-end-https=on name=webmailServer
The certificate on the web based mail server, inside, is issued to
webmail.example.local with a SAN of mail.example.org. The certificate
used on the Squid https_port config line is issued to mail.example.com
with no SAN.
I can understand why the DOMAIN_MISMATCH is occurring but was hoping
someone could recommend a work around?
Many thanks
Paul
Received on Tue Apr 30 2013 - 20:56:18 MDT
This archive was generated by hypermail 2.2.0 : Wed May 01 2013 - 12:00:48 MDT